The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

Please stop using Google Password Manager to save your credentials

But instead of providing them with proper safety from the get-go, Google doesn't have on-device encryption enabled by default ...

Google extends Identity Check to your banking apps and password managers

The tech giant has extended Identity Check to all features and apps that use the Android Biometric Prompt. "This means that ...